ExpenseIQ LogoExpenseIQ

Privacy Statement

Last updated: March 15, 2026

1. Introduction

LOFA Group ("we," "us," or "our") operates ExpenseIQ, a fleet management and expense tracking platform. We are committed to protecting your privacy and ensuring the security of your personal information.

This Privacy Statement explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this Privacy Statement carefully. By using ExpenseIQ, you consent to the data practices described in this statement.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us, including:

  • Account Information: Name, email address, phone number, and password
  • Profile Information: Display name, profile picture, and role within your organization
  • Organization Data: Company name, group information, and entity assignments
  • Vehicle Information: Vehicle details, license plates, VIN numbers, and ownership information
  • Financial Data: Fuel expenses, maintenance costs, toll expenses, and other operational costs
  • Operational Data: Gas entries, maintenance records, inspection reports, and accident documentation

2.2 Automatically Collected Information

When you use the Service, we automatically collect certain information, including:

  • Usage Data: Pages visited, features used, time spent on the Service, and interaction patterns
  • Device Information: Device type, operating system, browser type, and IP address
  • Location Data: GPS coordinates and location information when using location-based features
  • Log Data: Access times, error logs, and system performance data

2.3 Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our Service and store certain information. Cookies are files with a small amount of data that may include an anonymous unique identifier.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

3. How We Use Your Information

We use the information we collect for various purposes, including:

  • Service Provision: To provide, maintain, and improve the Service
  • Account Management: To create and manage your account, authenticate users, and process transactions
  • Communication: To send you notifications, alerts, updates, and respond to your inquiries
  • Analytics: To analyze usage patterns, generate reports, and improve our Service
  • Security: To detect, prevent, and address technical issues, fraud, and security threats
  • Compliance: To comply with legal obligations and enforce our Terms of Service
  • Personalization: To customize your experience and provide relevant content

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Within Your Organization

Information may be shared with other users within your organization (group) based on your role and permissions. Administrators and supervisors may have access to data within their assigned groups and entities.

4.2 Service Providers

We may share information with third-party service providers who perform services on our behalf, including:

  • Cloud hosting and storage providers (Firebase, Supabase)
  • Authentication services (Google, Microsoft OAuth)
  • Email delivery services
  • Analytics and monitoring tools

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to the same privacy protections.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Row-level security (RLS) policies to restrict data access
  • Regular security assessments and updates
  • Access controls and authentication mechanisms
  • Secure authentication via Firebase Authentication
  • Regular backups and disaster recovery procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to:

  • Provide the Service to you
  • Comply with legal obligations
  • Resolve disputes and enforce our agreements
  • Maintain business records for operational purposes

When you delete your account, we will delete or anonymize your personal information, except where we are required to retain it for legal or legitimate business purposes.

7. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information, including:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to certain processing of your information
  • Restriction: Request restriction of processing your information
  • Withdrawal of Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us using the information provided in the "Contact Us" section below. We will respond to your request within a reasonable timeframe.

8. Children's Privacy

ExpenseIQ is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

By using the Service, you consent to the transfer of your information to these countries. We take appropriate measures to ensure that your information receives an adequate level of protection in accordance with this Privacy Statement.

10. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices or content of these third-party sites. We encourage you to review the privacy policies of any third-party sites you visit.

11. Changes to This Privacy Statement

We may update this Privacy Statement from time to time. We will notify you of any material changes by:

  • Posting the updated Privacy Statement on this page
  • Updating the "Last updated" date at the top of this page
  • Sending an email notification to registered users (for significant changes)

Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Statement.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Statement or our data practices, please contact us at:

LOFA Group

Email: info@lofagroup.com

Phone: +1 (787) 371-8815

Address: San Juan, Puerto Rico

For data protection inquiries, you may also contact our Data Protection Officer at the same address, marked "Attention: Data Protection Officer."

← Back to Home